sbalneavEvening all01:19
HedgeMagehi, sbalneav01:32
sbalneavJust sitting here in the coffee shop, waiting for my son to finish his piano lession01:41
sbalneavlooking at bugs :)01:42
sbalneavlooks like I've got 4 or 5 good bugs to deal with for bug day01:42
sbalneavWhich reminds me01:42
sbalneavI should blog about it.01:42
HedgeMagewhen is bug day again?02:04
HedgeMagesbalneav: ^^^02:05
sbalneavHedgeMage: 12th02:15
dhillon-v10HedgeMage, while copying over the issues do you want me to copy  the ones that have been resolved as well, or just the ones that are open02:32
HedgeMagedhillon-v10: please do both, so we don't have to wonder what has or hasn't been finished02:39
dhillon-v10HedgeMage, alright I am done with like 10 of those, just marking all of them confirmed :)02:40
dhillon-v10highvoltage, HedgeMage, I know I was added me to the website team but i still can't set the importance of the bugs, why is that?02:41
dhillon-v10HedgeMage, you bugs are short and sweet, so not much work :)02:42
HedgeMagedhillon-v10: I have no idea, I'm not very familiar with LP02:43
dhillon-v10HedgeMage, I work with ubuntu and kubuntu website, and since those projects added me to their team I was able to change the importance, maybe highvoltage knows why this is happening02:44
HedgeMagedhillon-v10: maybe he has to make the team own the project instead of his account owning it?02:45
HedgeMageI'm not sure02:45
HedgeMageAs I said I'm new to LP02:45
dhillon-v10HedgeMage, :) okay I guess I can wait for sometime02:45
dhillon-v10HedgeMage, its all done :) took me 15 mins02:55
dhillon-v10HedgeMage, now I'll add the tags and finish up02:56
HedgeMagedhillon-v10: thanks...you rock :)02:56
dhillon-v10HedgeMage, nah, its just copying and pasting :) the next part is where I will actually do work02:56
HedgeMageYou have no idea how much I hate that sort of thing (I hated entering them in the first place).  I'd choose coding for an hour over documenting/data entry for 20 minutes any time.02:57
HedgeMagedhillon-v10: anyone who makes me have to do less of it is tops in my book :D02:57
dhillon-v10HedgeMage, yah entering them is a pain if you aren't used to it, I triage a lot of bugs so :) what's next02:59
HedgeMagecan you link me to the project so I can look at the list?03:01
HedgeMageI thought I had it somewhere...03:01
dhillon-v10HedgeMage, brb gotta eat dinner03:02
HedgeMagedhillon-v10: also, are edge and regular LP operating on the same data, or do we have to make sure to use the same one?03:02
dhillon-v10HedgeMage, alright i am back, edge and lp use the same data, edge just might have some experimental stuff. here's the link: https://bugs.edge.launchpad.net/edubuntu-website/+bugs you might see that there's a tag on the side that says github, those are all the bugs that I copied from github03:22
HedgeMagedhillon-v10: awesome, thanks!03:29
dhillon-v10HedgeMage, np, now you said you wanted to tag some bugs as redesign right, which ones are they03:30
HedgeMagedhillon-v10: sorry about that, back now03:43
HedgeMagedhillon-v10: still around?03:51
dhillon-v10HedgeMage, yup ;003:51
dhillon-v10HedgeMage, wow that was a smiley fail03:51
dhillon-v10HedgeMage, so which bugs were the ones you wanted to have the tag redesign03:52
HedgeMageI'd like everything we moved to have a tag referring to de upgrade/redesign so we can find them.  I don't want to worry about stuff that applies to the old site or the wiki03:53
* HedgeMage is all about focus, or at least tries to be when -- ooo! shiney!03:53
dhillon-v10HedgeMage, alright :) so you like shiny stuff03:55
* HedgeMage == easily distracted03:55
dhillon-v10HedgeMage, if there's nothing else atm that I need to work on, I'll get to finishing my homework can we continue tomorrow03:57
* dhillon-v10 thinks HedgeMage is busy04:00
HedgeMagedhillon-v10: go for the homework thanks for the issue queue stuff :)04:00
HedgeMagedhillon-v10: just parenting, as usual :)04:00
dhillon-v10HedgeMage, alright then bye and good night :)04:00
HedgeMageyou, too :)04:01
* stgraber is trying to do some seed magic and get rid of some 800MB of packages from the DVD04:21
stgraberI'm trying to only have the netbook remix packages on the DVD and drop the text installer to see if it works as I think it should ;)04:21
HedgeMageI saw you on identi.ca :)04:22
stgraberyeah ! looks like I managed to get a DVD image that'll only contain extra packages + the live environment04:41
stgraberwith extra packages being LTSP and the netbook interface04:41
stgraberjust need to upload that and check tomorrow for the new DVD image04:42
HedgeMagestgraber: ignoring the lack of theme, we do now have the identi.ca group integration on the new site: http://edubuntu.frogandowl.org/04:46
stgraberyeah ! looks great04:48
HedgeMageone tiny step at a time04:48
nixternalyou know, I typically do not like that theme because it is always blue, but it looks good with the Edubuntu colors04:49
nixternalThu, 2009-01-08 22:01 — nubae   <- just need to hide that block on the front page :)04:50
HedgeMageit's not our permanent theme04:50
nixternalwhere is the permanent one?04:50
nixternaldon't make me go to email, I am to lazy :)04:50
HedgeMagenixternal: mockups at http://imagebin.ca/view/KgCXBt.html and http://imagebin.ca/view/5n49WaF.html04:51
HedgeMagenixternal: it's still under development04:51
nixternalcan we add one more logo to it? :p04:51
nixternalI like it!04:52
HedgeMagelol :)04:52
nixternalhaha, "random animal"04:52
HedgeMagewell, I wanted people to pay attention to the layout, not the content :P04:52
alkisg!info ltsp-server06:20
ubottultsp-server (source: ltsp): Basic LTSP server environment. In component main, is optional. Version 5.1.90-0ubuntu3 (karmic), package size 103 kB, installed size 1204 kB06:20
alkisg!info ltsp-server lucid06:20
ubottultsp-server (source: ltsp): Basic LTSP server environment. In component main, is optional. Version 5.1.98-0ubuntu1 (lucid), package size 101 kB, installed size 1256 kB06:20
sbalneavMorning all.  I'll be afk most of the day, as I'll be in a management training course most of the day12:45
dgroosalkisg: around? asquare? atriangle?14:06
alkisgdgroos: shoot14:06
dgroosproblems from yesterday seemed to have cleared up :)14:07
dgroosdon't know why.14:07
dgroosSo, I'm working on importing the users w/your script.14:07
dgroosI think I might have made a mistake when I changed the permissions to 777 for the csv file I created though...14:08
alkisgI don't think the .csv permissions would matter anywhere... what do you get?14:08
dgroosWhen I was trying to import the users (menu option 3) I got a message in Terminal: "useradd: cannot lock /etc/passwd; try again later."14:09
dgroosI got this message about 50 times.14:09
dgroosThe only deviation I had to make from your directions was that when I ran the script...14:10
alkisgDid you run it with "sudo"?14:10
alkisgStrange. Did you have any other programs open, e.g. the gnome users-admin?14:11
dgroosand chose option 3, to be able to locate the file I had to select the button in the bottom right hand corner and select the other option from the dropdown menu of 2 options.14:11
dgroosjust firefox.14:12
dgroosAlso, it looks like it imported maybe half the users?14:13
alkisgdgroos: would you mind if I connected to your PC with vnc so that we can both look at it?14:13
dgroosNo prob14:13
alkisgrun: sudo apt-get install x11vnc14:13
alkisgthen: x11vnc -connect alkisg.dyndns.org14:13
dgrooscool :)14:15
dgroosthis is less than half the users14:16
dgroosWow.... how much you charge?14:26
alkisgdgroos: haha14:26
HedgeMageGood morning all :)14:26
alkisgdgroos: I'm guessing that the system is locking /etc/passwd to read the new users, and while it does that, no new users can be added!!!14:27
alkisgGood morning HedgeMage14:27
dgroosI wonder if there are license fees on this script and only allows 30 users at a time ;)14:27
alkisgLol!! :D14:27
alkisgdgroos: I haven't tried it with so many users, so I'll debug it ASAP. The users should be fine now, though...14:28
alkisg(I closed vnc btw)14:28
dgrooshmmm... I ran the script again with option 5.  It went down the list with, '...already exists' and stopped on a user and seemed to hang there.  I waited about 15 minutes.  The mouse cursor was nowhere to be found so I control-C and the script exited w/ message...14:48
dgroosFile "import-export-users.py", line 210, in <module> gtk.main()14:49
alkisgdgroos: aren't all the users imported?14:50
dgroosI'm not sure?  Did you do them all?14:50
alkisgI think so, wanna connect with vnc again?14:51
dgroosI don't want to take your time without trying some more on my side though thanks very much.  I've got to teach now but will try again around midnight your time ;).  I'll let you know how it goes!  It might be OK after a restart :)14:54
dgroosalkisg: Again, thanks so much for your time.14:55
alkisgYou're welcome...14:55
alkisg!info karmic thunderbird19:25
ubottu'thunderbird' is not a valid distribution: hardy, hardy-backports, intrepid, intrepid-backports, jaunty, jaunty-backports, karmic, karmic-backports, karmic-proposed, kubuntu-backports, kubuntu-experimental, kubuntu-updates, lucid, lucid-backports, lucid-proposed, medibuntu, partner19:25
alkisg!info thunderbird karmic19:25
ubottuthunderbird (source: thunderbird): mail/news client with RSS and integrated spam filter support. In component main, is optional. Version (karmic), package size 11814 kB, installed size 35316 kB19:25
alkisg!info thunderbird lucid19:28
ubottuthunderbird (source: thunderbird): mail/news client with RSS and integrated spam filter support. In component main, is optional. Version (lucid), package size 11814 kB, installed size 35316 kB19:29
=== highvolt1ge is now known as highvoltage
MagicFabogra, pleia2 o/21:17
MagicFabHi all - I am playing with a test system and LTSP, I noticed when hardening the ssh server setup on LTSP th ethin clients are refused authentication (connection refused) because of the PasswordAuthentication=no setting21:18
MagicFabI thought PKA was automatic. If it's not, how can can Iset the client to use only that ?21:18
alkisgMagicFab: how would the users login? Automatically, with no username/password?21:19
MagicFabalkisg, I meant the image doesn't even load - I am not referring to splash login21:20
alkisgThe image loads with nbd, that doesn't relate to ssh security...21:20
MagicFabHmm.... I see "After logging in, ldm starts a ssh tunnel and executes a X session on the server which is displayed through the tunnel on the thin client's X server. Using ssh here has the big advantage that you don't need to have a Xserver configured on the client and no unsafe TCP X transport is used as was done in older days of ltsp."21:21
MagicFab(from https://help.ubuntu.com/community/ThinClientHowto)21:21
MagicFabsorry I actually meant the opposite in my previous comment21:22
alkisgldm is the display manager, the one that gets the username/password from the user21:22
alkisgThat's when the image *finishes* loading...21:22
MagicFabSo all users need to generate RSA pairs and have that on the server ? I came across this when setting up remote access to that server.21:23
alkisgRSA pairs would mean that you had some user storage on the client21:24
alkisgThat is not the (usual) case with LTSP21:24
MagicFabI guess my question is what's the best practice to have both remote access to the server and proper settings for the clients.21:24
alkisgYou can limit password-enabled ssh to the ltsp-facing nic21:25
MagicFabno, RSA pairs meand .ssh has more than AuthHosts in it (on the server)21:25
alkisgIt's a pair; you need half of it on the server and half of it on the client21:25
MagicFabactually the client's would be within its image.21:25
MagicFabright ?21:26
alkisgBut how would the users authenticate, so that they could use the keys?21:26
MagicFabI know, that's why I am here :D21:26
alkisgThe only way for key-based authentication to make sense in LTSP (afaik) is if each user had his own usb stick with his keys, and used that as an authentication mechanism...21:27
MagicFabI usually won't setup a local account where someone else in the same LAN could launch a dictionary attack21:27
alkisgHow is that different from having LDAP accounts or local accounts in any local network?21:28
MagicFablimiting the auth method per NIC would be enough for now, but I am still curious .21:28
alkisgI mean, what do you usually use, in non-ltsp setups?21:29
MagicFabalkisg, I don't expect shell accounts on the server when using LDAP.21:29
alkisgFor key authentication to work, you must login *first* on some machine to have access to your private key21:30
alkisgOK, I got your concern.21:30
MagicFabI mentioned above the private key could be within the image - but doesn't make sense, that's why I am here.21:30
alkisgYou might want to also ask this in #ltsp, as it has more people there.21:31
MagicFabnot much of a concern but more of lack of context / experience so I was missing some easy way to reason around this. When/if you know LTSP means a server listening on port22 with shell accounts and people with easy password, other measures are needed.21:31
alkisgWell, anyone with a netbook can become an instant ltsp client21:32
MagicFabfirst and foremost I need to know how to make it acessible remotely without having only password auth :)21:32
MagicFabwell, anyone with the right MAC address yes... etc.21:32
alkisgRight, if you can block it per mac, it's the safest thing to do (still it can be easily faked, but it raises the bar a little)21:33
MagicFabmotivations vs. $/resources to prevent all scenarios are next - I am also anticipating someone "OMFG! This LTSP server is by default INSECURE!" :) ..to which as you said I'd respond anyone with physical access to your LAN already has it easier.21:34
MagicFabok, MAC address is something I hadn't thought of, I'll add it. Maybe I need a "LTSP hardening" checklist. Thanks for the answers.21:35
alkisgDo ask this in #ltsp, as I'm not usually concerned about security, so I haven't given it too much thought21:35
alkisg(and people here seem away at this time)21:36
MagicFabalkisg, tx again21:39
highvoltageHedgeMage: are you around?21:53
highvoltagealkisg: I also noticed the inconsistancy in case for --extra-help21:56
highvoltagealkisg: additially also that some sentences has periods at the end and some not21:56
highvoltagealkisg: I've been planning to give a patch for that :)21:56
alkisgYup, I reported that as well :D21:56
alkisghighvoltage: if we're to fix them for Lucid, we'd better harry, as the translators will need some time to respond21:57
=== lolcat is now known as SquishyD
crimsunalkisg: it'll probably be easier to ping me here, but seriously e-mail is much faster due to work policies22:55
alkisgcrimsun: should I file a new bug requesting the seeds change?22:56
crimsunyes please22:56
alkisgThank you and sorry for pinging you :)22:56
crimsunplease subscribe me to it22:56
crimsunoh no sweat regarding pinging me22:57
isforinsectsI have a nagging issue regarding aspell, anyone know something about it?23:36
HedgeMagehighvoltage: am now23:39
HedgeMagehi, crimsun long time no see23:39
highvoltageHedgeMage: I wanted to tell you something but I can't remember what :)23:40
crimsunhi, HedgeMage. I've been around as dtchen.23:40
crimsun(too lazy to /nick)23:40
* highvoltage likes "crimsun" more :)23:40
HedgeMagecrimsun: ahh, I didn't know that was you :)23:49
HedgeMagehighvoltage: silly :P   I'm packing for the move, so I'll be in and out.  Feel free to message me when you remember.23:50
highvoltageI can only remember that I was very eager to tell you, which just makes it more difficult to remember23:51
highvoltagethis is why I shouldn't be awake at 01:5223:51

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!